Cyber attacks, the use of computer viruses and hacking to invade and manipulate information systems, are almost universally described by Western political and military leaders as one of the greatest threats. Every day, literally thousands of cyber attacks are made on civilian and military systems, most of them designed to steal information.
U.S. Joint Chiefs Chairman, General Martin Dempsey, warned on June 27, 2013, that the United States must be prepared for the revolutionary threat represented by cyber warfare (Claudette Roulo, DoD News, Armed Force Press Service): “One thing is clear. Cyber has escalated from an issue of moderate concern to one of the most serious threats to our national security,” cautioned Chairman Dempsey, “We now live in a world of weaponized bits and bytes, where an entire country can be disrupted by the click of a mouse.”
Skeptics claim that the catastrophic scenarios envisioned for cyber warfare are grossly exaggerated, in part to justify costly cyber programs wanted by both the Pentagon and industry at a time of scarce defense dollars. Many of the skeptical arguments about the limitations of hacking and computer viruses are technically correct.
However, it is not widely understood that foreign military doctrines define “information warfare” and “cyber warfare” as encompassing kinetic attacks and electromagnetic pulse (EMP) attack–which is an existential threat.
Thomas Rid’s book Cyber War Will Not Take Place (Oxford University Press, 2013) exemplifies the viewpoint of a vocal minority of highly talented cyber security experts and scholars who think there is a conspiracy of governments and industry to hype the cyber threat. Rid’s bottom line is that hackers and computer bugs are capable of causing inconvenience–not apocalypse. Cyber attacks can deny services, damage computers selectively but probably not wholesale, and steal information, according to Rid. He does not rule out that future hackers and viruses could collapse the electric grid, concluding such a feat would be, not impossible, but nearly so.
In a 2012 BBC interview, Rid chastised then Secretary of Defense Leon Panetta for claiming that Iran’s Shamoon Virus, used against the U.S. banking system and Saudi Arabia’s ARAMCO, could foreshadow a “Cyber Pearl Harbor” and force threatening military retaliation against Iran. Rid told the BBC that the world has, “Never seen a cyber attack kill a single human being or destroy a building.”
Cyber security expert Bruce Schneier claims, “The threat of cyberwar has been hugely hyped” to keep growing cyber security programs at the Pentagon’s Cyber Command, the Department of Homeland Security, and new funding streams to Lockheed Martin, Raytheon, CenturyLink, and AT&T, who are all part of the new cyber defence industry. The Brookings Institute’s Peter Singer wrote in November 2012, “Zero. That is the number of people who have been hurt or killed by cyber terrorism.” Ronald J. Deibert, author of Black Code: Inside the Battle for Cyberspace, a lab director and professor at the University of Toronto, accuses RAND and the U.S. Air Force of exaggerating the threat from cyber warfare.
Peter Sommer of the London School of Economics and Ian Brown of Oxford University, in Reducing Systemic Cybersecurity Risk, a study for Europe’s Organization for Economic Cooperation and Development, are far more worried about natural EMP from the Sun than computer viruses: “a catastrophic cyber incident, such as a solar flare that could knock out satellites, base stations and net hardware” makes computer viruses and hacking “trivial in comparison.”
The now declassified Aurora experiment, conducted by the U.S., is the empirical basis for the claim that a computer virus might be able to collapse the national electric grid. In Aurora, a virus was inserted into the SCADA (supervisory control and data acquisition) system running a generator, causing the generator to malfunction and eventually destroy itself.
However, using a computer virus to destroy a single generator does not prove it is possible or likely that an adversary could destroy all or most of the generators in the United States. Aurora took a protracted time to burn out a generator–and no intervention by technicians attempting to save the generator was allowed, as would happen in a nationwide attack, if one could be engineered.
Nor is there a single documented case of even a local blackout being caused in the United States by a computer virus or hacking–which it seems should have happened by now, if vandals, terrorists, or rogue states could attack U.S. critical infrastructures easily by hacking.
Stuxnet Worm and Gaza Cyber War
Even the Stuxnet Worm, the most successful computer virus so far, reportedly, according to White House sources, jointly engineered by the U.S. and Israel to attack Iran’s nuclear weapons program, proved a disappointment. Stuxnet succeeded in damaging only 10 percent of Iran’s centrifuges for enriching uranium, and did not stop or even significantly delay Tehran’s march towards the bomb.
During the recently concluded Gaza War between Israel and Hamas, a major cyber campaign using computer bugs and hacking was launched against Israel by Hamas, the Syrian Electronic Army, Iran, and by sympathetic hackers worldwide. The Gaza War was a Cyber World War against Israel.
The Institute for National Security Studies, at Tel Aviv University, in “The Iranian Cyber Offensive during Operation Protective Edge” (August 26, 2014) reports that the cyber attacks caused inconvenience and in the worst case some alarm, over a false report that the Dimona nuclear reactor was leaking radiation: “…the focus of the cyber offensive…was the civilian internet. Iranian elements participated in what the C4I officer described as an attack unprecedented in its proportions and the quality of its targets….The attackers had some success when they managed to spread a false message via the IDF’s official Twitter account saying that the Dimona reactor had been hit by rocket fire and that there was a risk of a radioactive leak.”
However, the combined hacking efforts of Hamas, the Syrian Electronic Army, Iran and hackers worldwide did not black out Israel or significantly impede Israel’s war effort.
But tomorrow is always another day. Cyber warriors are right to worry that perhaps someday someone will develop the cyber bug version of an atomic bomb. Perhaps such a computer virus already exists in a foreign laboratory, awaiting use in a future surprise attack.
On July 6, 2014, reports surfaced that Russian intelligence services allegedly infected 1,000 power plants in Western Europe and the United States with a new computer virus called Dragonfly. No one knows what Dragonfly is supposed to do. Some analysts think it was just probing the defences of western electric grids. Others think Dragonfly may have inserted logic bombs into SCADA systems that can disrupt the operation of electric power plants in a future crisis.
Escalating Cyber Attacks
Tomorrow’s cyber super-threat, one that with computer viruses and hacking alone can black out the national electric grid for a year or more, and so destroy an entire nation, may already be upon us today. Admiral Michael Rogers on November 20, 2014, warned the House Permanent Select Committee on Intelligence that sophisticated great powers like China and Russia have the capability to black out the entire U.S. national electric grid for months or years by means of cyber attack, according to press reports.
Admiral Rogers, as Chief of U.S. Cyber Command and Director of the National Security Agency, is officially the foremost U.S. authority on the cyber threat. “It is only a matter of the when, not the if, that we are going to see something traumatic,” Admiral Rogers testified to Congress, as reported on CNN (November 21, 2014).
However, Jonathan Pollett, a cyber-security expert, challenged Admiral Rogers’ warning in an article as wrong, or misunderstood and exaggerated by the press: “No, hackers can’t take down the entire, or even a widespread portion of the US electric grid. From a logistical standpoint, this would be far too difficult to realistically pull off,” writes Pollett in “What Hackers Can Do To Our Power Grid,” Business Insider (November 23, 2014).
Yet, on March 31, 2015, Turkey’s national electric grid was temporarily blacked out, briefly causing widespread chaos to businesses and society in a NATO member and crucial U.S. ally in the Middle East. Reportedly, Iran caused the blackout by a cyber attack. But Turkey has not officially confirmed that Iran was the culprit. If so, it will be the first time in history that a nationwide blackout is confirmed as resulting from cyber warfare.
In June 2015, congressional hearings revealed the discovery, about a year earlier, that China, possibly the Chinese People’s Liberation Army (PLA), hacked into computer files at the U.S. Office of Personnel Management and stole sensitive information on 30 million federal employees and U.S. citizens.
Russia apparently made a cyber attack on the U.S. Joint Chiefs of Staff in July 2015 that crippled an unclassified e-mail communications network used by the Joint Chiefs. “The U.S. military believes hackers connected to Russia are behind the recent intrusion into a key, unclassified e-mail server used by the office of the Joint Chiefs,” according to a CNN report (“Official: Russia Suspected in Joint Chiefs E-mail Server Intrusion” August 7, 2015), “Military officials assessed the attack had a sophistication that indicates it came from a state-associated actor.” The widely reported Russian cyber attack on the Joint Chiefs disrupted e-mail communications for 4,000 users at the Defense Department for over 10 days.
The same CNN report noted that in April 2015 another Russian cyber attack penetrated “sensitive parts of the White House computer system.”
Few Americans make any connection between cyber theft and EMP attacks on the grid that would threaten the existence of our society. But when you understand China and Russia’s military doctrine on Total Information Warfare, these cyber thefts and intrusions look less like isolated cases of theft and hacking and more like probing U.S. defences and gauging Washington’s reactions–perhaps in preparation for an all-out cyber offensive that would include physical sabotage, radiofrequency weapons, and nuclear EMP attack. In Nazi Germany’s blitzkrieg strategy, the massed onslaught of heavy armoured divisions was always preceded by scouting and probing by their motorcycle corps. The same principle may be at work here in cyber space with probing attacks on the U.S. from China, Russia, North Korea and Iran.
This article is excerpted from Dr. Peter Pry’s forthcoming book Blackout Wars available through CreateSpace.com and Amazon.com.